Georgia voter records sitting on a state website – available to anyone

❝ A security researcher disclosed a gaping security hole at the outfit that manages Georgia’s election technology, days before the state holds a closely watched congressional runoff vote on June 20.

The security failure left the state’s 6.7 million voter records and other sensitive files exposed to hackers, and may have been left unpatched for seven months. The revealed files might have allowed attackers to plant malware and possibly rig votes or wreak chaos with voter rolls during elections…

❝ Logan Lamb, a 29-year-old Atlanta-based private security researcher…made the discovery last August. He…felt the election center had not been serious enough about security and came forward with his findings, this week.

❝ Lamb discovered the security hole — a misconfigured server — one day as he did a search of the Kennesaw State election-systems website. There, he found a directory open to the internet that contained not just the state voter database, but PDF files with instructions and passwords used by poll workers to sign into a central server used on Election Day. Lamb said he downloaded 15 gigabytes of data, which he later destroyed…

One thought on “Georgia voter records sitting on a state website – available to anyone”

Detailed information on nearly every U.S. voter — including in some cases their ethnicity, religion and views on political issues — was left exposed online for two weeks by a political consultancy which works for the Republican National Committee and other GOP clients.
The data offered a strikingly complete picture of the voting histories and political leanings of the American electorate laid out on an easily downloadable format, said cyber-security researcher Chris Vickery. He discovered the unprotected files of 198 million voters in a routine scan of the Internet last week and alerted law enforcement officials.
The precision and volume of the information, including dozens of data points on individual Republicans, Democrats and independent voters, highlights the rising sophistication of the data-mining efforts that have become central to modern political campaigns. https://www.washingtonpost.com/news/the-switch/wp/2017/06/19/republican-contractor-database-every-voter-exposed-internet-12-days-researcher-says/
See also “Arlington firm says its data leak of millions of voters occurred ‘without our knowledge’ http://www.bizjournals.com/washington/news/2017/06/19/arlington-firm-says-its-data-leak-of-millions-of.html (roughly 198 million of America’s 200 million registered voters had their information leaked, or roughly 60 percent of the entire American population)